We have made the risk appetite framework (RAF) part of its corporate governance framework, defining it as “a framework that, based on the our social role and management philosophy, clarifies the types and amounts of risks that should be willingly taken (risk appetite)1 and the risks to be avoided2 in order to achieve the mid-term management plan within the scope of our financial strength, and integrates business management and risk management.”
1. Risks to be taken: Risks associated with revenue-generating activities
2. Risks to be avoided: Unacceptable risks such as conduct risk
The main purpose of the Company’s RAF is to maintain the high degree of financial soundness required of a securities finance company licensed under the Financial Instruments and Exchange Act, and of a company responsible for the infrastructure functions of Japan’s securities market, while achieving medium- to long-term corporate value as expected of a listed company. To this end, the RAF improves the transparency of the review and decision-making process for establishing the Company’s overall risk-taking policy, including capital allocation and strengthening of profitability. Furthermore, the RAF optimizes allocation of management resources and strengthens monitoring.
In the operation of the RAF, the Board of Directors establishes risk management policies for overall management based on the social role that JSF should play as a company responsible for infrastructure functions of Japan’s securities market and its medium- to long-term vision for the future. At the same time, the board determines the basic items of the RAF, such as risk appetite and the risk appetite indicators that specifically reflect its components, in conformance with the mid-term management plan. Risk appetite is set from a wide range of perspectives, including management stability and financial soundness, as well as the social responsibility for the infrastructure functions of and contributing to Japan’s securities market.
In the execution of business management, we set more detailed targets and decide plans for each business as we promote the medium-term management plan, keeping in mind our risk management policies, risk appetite and risk appetite indicators decided by the Board of Directors.
The Board of Directors works to improve and strengthen the effectiveness of the RAF on an ongoing basis by monitoring risk appetite and risk appetite indicators as it supervises the status of business execution. If risk appetite indicators deviate from set levels, the board analyzes the causes and formulates countermeasures.
Process for Setting and Managing Risk Appetite
In order to play a public role as part of the infrastructure of Japan’s securities market, we take risks with a keen awareness of maintaining financial soundness and ensuring that concurrent businesses such as securities finance do not affect the stable operation of our licensed loans for margin transactions business. In addition, through regular training and interviews we strive to stay apprised of the status of employees’ compliance awareness and the work environment, and take care to reduce conduct risk.
The risk culture fostered by JSF’s identity is firmly instilled throughout the Company through adherence to the Code of Conduct for Officers and Employees and the risk management policy, and serves as the operational foundation of the RAF. In addition, risk governance is further strengthened through the cyclical effect of continuously raising awareness of risk culture through the operation of the RAF, which further fosters and instills this culture.
We will continue to increase the sophistication of our risk governance, which constitutes part of our corporate governance, and aim to achieve sustainable growth and increase our corporate value over the medium to long term.
We broadly classify assumed risks for management as credit risk, market risk, liquidity risk, operational risk and system risk. For credit risk and market risk, we strive to secure profits while quantitatively identifying risks and keeping them within levels that match our financial strength. For liquidity risk, operational risk and system risk, we strive to prevent their manifestation by implementing appropriate management according to risk characteristics.
Regarding reporting, credit risk and market risk are reported to the Management Committee following discussion at the Risk Management Committee, and liquidity risk is reported to the Management Committee following deliberations at the Asset Liability Management (ALM) Committee. The officers responsible for each committee regularly report to the Board of Directors on the status of risks and measures to improve risk management.
We have developed a risk management system by using the risk appetite frameworks. It is described below.
In participating in the Japanese Securities Clearing Corporation (JSCC) clearing and settlement system and Market Operations by the Bank of Japan, we are required to calculate, manage and maintain our capital adequacy ratio above a certain level in accordance with the Financial Instruments and Exchange Act. Specifically, we precisely calculate and manage this ratio on a monthly basis, monitor the impact of daily market fluctuations on equity capital, and quickly report this information to management. We also verify our capital adequacy by using stress tests to calculate impacts on our equity capital, and formulate action plans, as necessary. We conduct two types of stress tests: monthly tests based on individual credit and market stress scenarios, and semi-annual comprehensive stress tests based on scenarios that reflect the current financial environment.
We use integrated risk management to quantify various risks with unified methodology and to keep the total amount of risk within the bounds of management strength.
For credit risk and market risk, we allocate risk capital to each risk category within the bounds of our equity capital, then quantify risks using the Value at Risk (VaR*) method to keep the calculated volume of each risk within the bounds of the risk capital allocated to it.
To measure operational risk and system risk, we use basic methods and set the necessary risk capital amounts accordingly.
Amounts of risk capital to be allocated are determined by the Management Committee following deliberation by the Risk Management Committee at end of the fiscal year.
Each risk operation department keeps the risks within the bounds of the risk capital allocated to them. The Risk Management Department, which is independent of the risk operation departments, quantifies the risks, monitors the status of risk operations, and reports its findings to the board members.
In the event that a risk may exceed the allocated amount of risk capital, the Risk Management Committee holds an extraordinary meeting to deliberate how to respond and then consults with the Management Committee.
*VaR is the maximum expected loss on an asset calculated with a certain period (holding period) and a certain probability (confidence level). This is calculated based on data in the past with statistical method. In our company, VaR is calculated based on confidence level of 99% and holding period of 1 year from 10 days.
JSF quantifies and manages credit risk using default rates for in-house ratings that it has calculated for each of its business partners. For credit management, we screen business partners, securities accepted as collateral, and loans, and set and manage transaction limits for each business partner. For each loan transaction, we generally accept securities equivalent that set appropriate haircuts (value markdowns) based on the volatility and market liquidity to the loan amount, and reduce exposure by marking to market the collateral securities on a daily basis. In the event of borrower bankruptcy, we take steps including selling securities held as collateral to promptly collect receivables. Additionally, each department implements rigid self-assessment of those assets for which they hold jurisdiction and we manage large credit positions by calculating the stress exposure for each business partner across our businesses on a daily basis and sharing this information with business departments.
JSF quantifies and manages market risks (using the historical method or the variance-covariance method.). Furthermore, to validate the reliability of the market risk quantification model we have adopted, we also implement back testing to compare calculated value at risk (VaR) with virtual profit and loss from a given portfolio. At the same time, we appropriately control investment losses by setting loss limits based on overall profit and loss.
JSF recognizes liquidity risk as a significant risk, and strives to ensure the funding liquidity necessary for stable business operations by securing commitment lines from multiple financial institutions, diversifying funding methods and maturities. For cash flow management, we set a minimum amount of liquidity reserves based on the assumption that certain stress events will occur in financial markets. We monitor the state of liquidity reserves by formulating cash flow forecasts and confirming the amount of funding available, as well as the status of highly liquid asset holdings, while confirming concentrated maturities for large amounts of funds. We also have a system for reporting the status of daily cash flow to management. Furthermore, we conduct liquidity stress tests to anticipate potential risks, such as cash outflows during periods of stress in the funding environment, and to assess and monitor the required level of on-hand liquidity. In addition, we manage liquidity risk on a consolidated basis by receiving daily reports from JSF Trust and Banking that include cash flow forecasts and the status of its liquidity reserves. Furthermore, we prepare for unforeseen circumstances with measures to supplement liquidity, such as holding a certain amount of government bonds that we can immediately convert into cash.
Each department at JSF is responsible for managing operational risk, which we mitigate by ensuring that employees are fully versed in appropriate administrative procedures through the development of rules, manuals and other guidelines, as well as through training and other education. In addition, we regularly conduct internal audits to prevent incidents and to improve administrative processes.
JSF has established an information security management policy as the basis for information security measures, with the System Planning Department responsible for managing system risks and implementing necessary measures for each risk. To ensure stable operation of our information systems, we proactively prevent system failures by employing redundant networks and equipment. To ensure secure and efficient system development and operation, we clarify work procedures and establish monitoring systems. In addition, we protect our information assets, encompassing information and systems, through measures against unauthorized access and cybersecurity threats. We have also established rules that all officers and employees must adhere to, and ensure thorough understanding. Furthermore, we have implemented measures to minimize and quickly recover from the impact of system failures, such as preparing various response manuals and by conducting training.